This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Hello,
I have one basic question around Conditional Access Policies.
As we know , Azure AD CA-Policies help us undergo the additional factors while any client-app is requesting token for any CLOUD RESOURCE
I have a client-app which is just preparing OAuth request with SCOPE=OpenID and redirecting user to AAD to collect the token.
If AAD-admin wants to make sure that such request must undergo MFA or TOU or any other CA-policy grant, which minimal set of CLOUD RESOURCE should be added in that CA-policy ??
Thanks
I have opened one thread at https://learn.microsoft.com/en-us/answers/questions/825145/azure-ad-conditional-access-2.html to discuss about AAD Conditional Policy.
Would you please look into it and help me.
Thanks.
hello team,
Any update on my above query ?
As usually MSFT folks are very prompt answering, looks like my concern is either too foolish OR too SPOT ON and not yet addressed by CA-policy.
I prefer the latter :)
Regardless, appreciate if somebody help me close this thread.
Can we use custom-security-attribute to fine tune such access through CA-policy.
Obviously I would avoid to wrap "All Cloud Resources" in the CA policy as it will be too restrictive.
Thanks.
Hello @testuser7
Thank you for your post.
I would like to confirm if I understood correctly your statement....
Are you referring to the following info ? https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/require-tou
Looking forward to your feedback,
BR,
Hi,
I found this info that might be helpful for your concern.
Cheers,
Hello @testuser7
I just wanted to follow up on this concern and if further assistance is required please let us know!
Regards,
We can close it.. I have requested private preview for CA-policy with Custom-security-attribute.
Hopefully that is the answer to my query.
Understood.
Many thanks for your feedback!